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DETAILED ACTION 



This first non-final action is in response to the original filing of 04/08/2004. Claims 1-15 
are pending and have been considered as follows. 

Specification 

1 . The disclosure is objected to because of the following informalities: Paragraph 0033 line 
4 of the specification contains the acronym term "PAN," however, it is never defined. 
Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3. Claims 1-8 & 1 1-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ketcham (US-6075860-A) in view of Carroll etal (US-661 1913-Bl). 

Claim 1: 

Ketcham discloses a secured communication method for a mobile conmiunications network, the 



method comprising. 
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- "receiving a request to provide a security key to a mobile device connected to the mobile 
communications network" (i.e. "Account generator 200 comprises a key generator 202 
receptive to an authorization request for generation of a cryptographically suitable 
authentication encryption key") [column 6 lines 48-51]; 

- "generating a unique security key for the requesting mobile device" (i.e. "Key generator 
202 generates authentication encryption key") [column 6 lines 51-52] ; 

- "forwarding the unique security key to the mobile device" (i.e. "FIG. 2 is a functional 
block diagram depicting the generation, distribution, and processing of authentication 
keys in accordance with one embodiment of the present invention") [column 6 lines 42- 
45]; 

but Ketcham does not disclose, 

- "receiving a request to provide the unique security key for the mobile device to a service 
provider" 

- "providing the unique security key to the service provider, if the service provider is 
approved to receive the unique security key for the mobile device" 

however, Carroll et al do disclose, 

- "During OTASP, carrier 140, also referred to as the service provider, receives the unique 
AKID.sub.i from a potential subscriber's wireless communication device" [column 6 
lines 36-38]; 

- "Both carrier 140 and activating wireless communication device 110 generate the same 
A-Key (or encryption key) independently and perform mutual authentication" [column 6 
lines 42-45]; 
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Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "receiving a request to provide the unique security key for the 
mobile device to a service provider" and "providing the unique security key to the service 
provider, if the service provider is approved to receive the unique security key for the mobile 
device," as disclosed by Carroll et ah in the invention as disclosed by Ketcham for the purposes 
of performing mutual authentication. 
Claim 2: 

Ketcham and Carroll et al disclose a secured communication method for a mobile 
communications network as in Claim 1 above, but Ketcham does not disclose, 

- "denying the request to provide the unique security key, if the service provider is not 
approved to receive the unique security key for the mobile device" 

however, Carroll et al do disclose, 

- "Carrier 140 transmits the AKID.sub.i to clearinghouse 130 over a secure communication 
line and receives the associated unique M.sub.i, AK.sub.i, and VERC.sub.i. Carrier 140 
then transmits the mask M.sub.i to the activating wireless communication device 110. 
Both carrier 140 and activating wireless communication device 110 generate the same A- 
Key (or encryption key) independently and perform mutual authentication" [column 6 
lines 38-45]; 
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Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "denying the request to provide the unique security key, if the 
service provider is not approved to receive the unique security key for the mobile device," in the 
invention as disclosed by Ketcham for the purposes of performing mutual authentication since if 
the individually generated encryption key is invalid, then the "unique security key" would not be 
divulged. 
Claim 3: 

Ketcham and Carroll et al disclose a secured communication method for a mobile 
coromunications network as in Claim 1 above, Ketcham further discloses, 

- "storing the unique security key in the mobile device's data storage mechanism" (i.e. 
"Authentication card 118 stores an MSID 204, an authentication encryption key 206, and 
optionally may store other information such as algorithmic identifiers 402, optional 
parameters 412 for configuring or personalizing a remote terminal 102 according to an 
authorized user's preferences") [column 8 lines 13-18]. 

Claim 4: 

Ketcham and Carroll et al disclose a secured communication method for a mobile 
communications network as in Claim 3 above, Ketcham further discloses, 

- "the data storage mechanism is a memory chip" (i.e, "Authentication card 1 18 is a 
portable storage device such as a smart card that may be conveniently transported by an 
authorized user to a remote terminal") [cplunm 8 lines 19-21], 
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Claim 5: 

Ketcham and Carroll et al disclose a secured conununication method for a mobile 
communications network as in Claim 3 above, Ketcham further discloses, 

- 'the data storage mechanism is an identity module for the mobile device" (i.e. 
"Authentication card 118 stores an MSID 204, an authentication encryption key 206, and 
optionally may store other information such as algorithmic identifiers 402, optional 
parameters 412 for configuring or personalizing a remote terminal 102 according to an 
authorized user's preferences") [column 8 lines 13-18]. 

Claim 6: 

Ketcham and Carroll et al disclose a secured communication method for a mobile 
communications network as in Claim 3 above, Ketcham fiirther discloses, 

- "the data storage mechanism is a SIM card for the mobile device" (i.e. "authentication 
card 118 takes the form of a GSM subscriber identity module (SIM)") [colunrn 8 lines 
21-23]. 

Claim 7: 

Ketcham and Carroll et al disclose a secured communication method for a mobile 
communications network as in Claim 1 above, Ketcham further discloses, 

- "storing the unique security key in a data structure in association with a unique value 
identifying the mobile device" (i.e. "Network server 108 is further comprised of a 
network server authentication database 208 for receiving and storing MSID 204 and 
authentication encryption key") [column 7 lines 17-19], 



Application/Control Number: 10/820,682 Page 7 

Art Unit: 2109 

Claim 8: 

Ketcham and Carroll et al disclose a secured communication method for a mobile 
communications network as in Claim 7 above, Ketcham further discloses, 

- "the unique value is at least one of the mobile device's electronic serial number (ESN), 
intemational mobile equipment identity (IMEI) and phone number" (i.e. "Authentication 
card 118 stores an MSID 204, an authentication encryption key 206, and optionally may 
store other information such as algorithmic identifiers 402, optional parameters 412 for 
configuring or personalizing a remote terminal 102 according to an authorized user's 
preferences") [column 8 lines 13-18]") [column 8 lines 13-18]. 

Claim 11: 

Ketcham discloses a security system for managing security key assignment in a mobile 
communications terminal, the security system comprising, 

- "a key generating mechanism for generating a imique security key for a niobile device, in 
response to a request received by the security system from the mobile device" (i.e. "Both 
carrier 140 and activating wireless communication device 110 generate the same A-Key 
(or encryption key) independently and perform mutual authentication") [column 6 lines 
42-45]; 

- "a transmission mechanism for transmitting the unique security key to the mobile device" 
(i.e. "Both carrier 140 and activating wireless communication device 110 generate the 
same A-Key (or encryption key) independently and perform mutual authentication") 
[column 6 lines 42-45]; 
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- "a data storage mechanism for storing the unique security key for the mobile device in 
association with an identifier identifying the mobile device" (i.e. "Network server 108 is 
further comprised of a network server authentication database 208 for receiving and 
storing MSED 204 and authentication encryption key") [colunui 7 lines 17-19]; 

but Ketcham does not disclose, 

- "wherein the unique security key is transmitted to a service provider, in response to a 
request submitted by the service provider to the security system" 

however, Carroll et al do disclose, 

- "In response to a request for activation by the subscriber, wireless conmiunication device 
110 requests activation fi*om carrier 140, the service provider, by-transmitting the unique 
AKID.sub.i from one of the activation pairs stored within device 110 (step 320). 
Generally, the unique AKID.sub.i chosen in the initial request is fi"om the activation pair 
at the top of the stored hst. After receiving the unique AKID.sub.i, carrier 140 transmits 
AKID.sub.i to clearinghouse 130 over a protected communication channel" [column 7 
lines 9-17]; 

Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "wherein the unique security key is transmitted to a service 
provider, in response to a request submitted by the service provider to the security system," in 
the invention as disclosed by Ketcham since it is conunon that the service provider and security 
system are one in the same or a part of the same system in direct communication with each other. 
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Claim 12: 

Ketcham and Carroll et al disclose a security system for managing security key assignment in a 
mobile communications terminal, the security system as in Claim 1 1 above; but Ketcham does 
not disclose, 

- "a verification mechanism for verifying whether the service provider is an approved 
service provider before the unique security key is transmitted to the service provider" 

however, Carroll et al do disclose, 

- "mutual authentication" [column 6 line 45]; 

Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "a verification mechanism for verifying whether the service 
provider is an approved service provider before the unique security key is transmitted to the 
service provider," in the invention as disclosed by Ketcham for the purposes of authentication. 
Claim 13: 

Ketcham and Carroll et al disclose a security system for managing security key assignment in a 
mobile commimications terminal, the security system as in Claim 12 above; but Ketcham does 
not disclose, 

- "the service provider is determined to be the approved service provider, if a first 
condition is met" 

however, Carroll et al do disclose, 

- "Both carrier 140 and activating wireless communication device 110 generate the same 
A-Key (or encryption key) independently and perform mutual authentication" [column 6 
lines 42-45]; 
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Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "the service provider is determined to be the approved service 
provider, if a first condition is met," in the invention as disclosed by Ketcham for the purposes of 
authentication. 
Claim 14: 

Ketcham and Carroll et al disclose a security system for managing security key assignment in a 
mobile communications terminal, the security system as in Claim 13 above; but Ketcham does 
not disclose, 

- "the first condition is set by the mobile device" 
however, Carroll et al do disclose, 

- "During OTASP, carrier 140, also referred to as the service provider, receives the unique 
AKlD.sub.i from a potential subscriber's wireless communication device" [column 6 
lines 36-38]; 

Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "the first condition is set by the mobile device," in the invention 
as disclosed by Ketcham for the purposes of authentication. 
Claim 15: 

Ketcham and Carroll et al disclose a security system for managing security key assignment in a 
mobile communications terminal, the security system as in Claim 13 above; but Ketcham does 
not disclose, 

- "the first condition is communicated to the security system by the mobile device" 
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however, Carroll et al do disclose, 

- "During OTASP, carrier 140, also referred to as the service provider, receives the unique 
AKID.sub.i from a potential subscriber's wireless communication device" [column 6 
lines 36-38]; 

Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "the first condition is communicated to the security system by 
the mobile device," in the invention as disclosed by Ketcham for the purposes of authentication. 
4. Claims 9 & 10 are rejected under 35 U.S.C. 103(a) as being unpatentable over Ketcham 
(US-6075860-A) in view of Carroll et al (US-661 1913-Bl) in further view of Hanna et al (US- 
6263434-Bl). 
Claim 9: 

Ketcham and Carroll et al disclose a secured communication method for a mobile 
communications network as in Claim 1 above, but do not disclose, 

- "determining if the service provider is approved based on content of a list of approved 
service providers" 

however, Hanna et al do disclose, 

7 "Typically, the identification of the individuals or appHcants who are "privileged" 
members of the group having access to the specified resource is accomplished by 
identifying the individuals that have access privileges in an access control list or in a 
group membership hst" [column 1 lines 25-30]. 
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Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "determining if the service provider is approved based on 
content of a list of approved service providers," in the invention as disclosed by Ketcham and 
Carroll et al for the purposes of restricting access privileges to those whom are permitted. 
Claim 10: 

Ketcham and Carroll et al disclose a secured communication method for a mobile 
conmnmications network as in Claim 9 above, but do not disclose, 

- "the list of approved service providers is stored in the mobile device" 
however, Hanna et al do disclose, 

- "Typically, the identification of the individuals or applicants who are "privileged" 
members of the group having access to the specified resource is accomplished by 
identifying the individuals that have access privileges in an access control list or in a 
group membership list" [column 1 lines 25-30]. 

Therefore, it would have been obvious to one having ordinary skill in the art at the time of the 
applicant's invention to include, "the list of approved service providers is stored in the mobile 
device," in the invention as disclosed by Ketcham and Carroll et al for the purposes of restricting 
access privileges to those whom are permitted. 
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Conclusion 



5. The prior art made of record and not relied upon is considered pertinent to the applicant's 
disclosure. 

a. Brown etal (US-5445863-A) 

b. Mizikovskvetal (US-5794139-A) 

Any inquiry concerning this communication or earlier coromunications from the 
examiner should be directed to Examiner Oscar Louie whose telephone number is 571-270-1684. 
The examiner can normally be reached Monday through Thursday from 7:30 AM to 4:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Myhre, can be reached at 571-270-1065. The fax phone number for Formal or 
Official faxes to Technology Center 2100 is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated infomiation system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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